aboutsummaryrefslogtreecommitdiff
path: root/libssh/auth1.c
diff options
context:
space:
mode:
Diffstat (limited to 'libssh/auth1.c')
-rw-r--r--libssh/auth1.c36
1 files changed, 26 insertions, 10 deletions
diff --git a/libssh/auth1.c b/libssh/auth1.c
index 6189f3ec..3571d76d 100644
--- a/libssh/auth1.c
+++ b/libssh/auth1.c
@@ -35,9 +35,12 @@
#ifdef WITH_SSH1
static int wait_auth1_status(ssh_session session) {
+ enter_function();
/* wait for a packet */
while(session->auth_state == SSH_AUTH_STATE_NONE)
ssh_handle_packets(session,-1);
+ ssh_log(session,SSH_LOG_PROTOCOL,"Auth state : %d",session->auth_state);
+ leave_function();
switch(session->auth_state) {
case SSH_AUTH_STATE_SUCCESS:
return SSH_AUTH_SUCCESS;
@@ -64,10 +67,11 @@ static int send_username(ssh_session session, const char *username) {
ssh_string user = NULL;
/* returns SSH_AUTH_SUCCESS or SSH_AUTH_DENIED */
if(session->auth_service_state == SSH_AUTH_SERVICE_USER_SENT) {
- return SSH_OK;
- }
- if(session->auth_service_state == SSH_AUTH_SERVICE_DENIED) {
- return SSH_ERROR;
+ if(session->auth_state == SSH_AUTH_STATE_FAILED)
+ return SSH_AUTH_DENIED;
+ if(session->auth_state == SSH_AUTH_STATE_SUCCESS)
+ return SSH_AUTH_SUCCESS;
+ return SSH_AUTH_ERROR;
}
if (!username) {
@@ -94,16 +98,19 @@ static int send_username(ssh_session session, const char *username) {
return SSH_AUTH_ERROR;
}
string_free(user);
+ session->auth_state=SSH_AUTH_STATE_NONE;
if (packet_send(session) != SSH_OK) {
return SSH_AUTH_ERROR;
}
if(wait_auth1_status(session) == SSH_AUTH_SUCCESS){
- session->auth_state=SSH_AUTH_SERVICE_USER_SENT;
+ session->auth_service_state=SSH_AUTH_SERVICE_USER_SENT;
+ session->auth_state=SSH_AUTH_STATE_SUCCESS;
return SSH_AUTH_SUCCESS;
} else {
- session->auth_state=SSH_AUTH_SERVICE_DENIED;
- return SSH_AUTH_ERROR;
+ session->auth_service_state=SSH_AUTH_SERVICE_USER_SENT;
+ ssh_set_error(session,SSH_REQUEST_DENIED,"Password authentication necessary for user %s",username);
+ return SSH_AUTH_DENIED;
}
}
@@ -122,6 +129,8 @@ int ssh_userauth1_offer_pubkey(ssh_session session, const char *username,
(void) username;
(void) type;
(void) pubkey;
+ enter_function();
+ leave_function();
return SSH_AUTH_DENIED;
}
@@ -129,9 +138,10 @@ int ssh_userauth1_password(ssh_session session, const char *username,
const char *password) {
ssh_string pwd = NULL;
int rc;
-
+ enter_function();
rc = send_username(session, username);
if (rc != SSH_AUTH_DENIED) {
+ leave_function();
return rc;
}
@@ -146,6 +156,7 @@ int ssh_userauth1_password(ssh_session session, const char *username,
/* not risky to disclose the size of such a big password .. */
pwd = string_from_char(password);
if (pwd == NULL) {
+ leave_function();
return SSH_AUTH_ERROR;
}
} else {
@@ -157,6 +168,7 @@ int ssh_userauth1_password(ssh_session session, const char *username,
*/
pwd = string_new(128);
if (pwd == NULL) {
+ leave_function();
return SSH_AUTH_ERROR;
}
ssh_get_random( pwd->string, 128, 0);
@@ -166,11 +178,13 @@ int ssh_userauth1_password(ssh_session session, const char *username,
if (buffer_add_u8(session->out_buffer, SSH_CMSG_AUTH_PASSWORD) < 0) {
string_burn(pwd);
string_free(pwd);
+ leave_function();
return SSH_AUTH_ERROR;
}
if (buffer_add_ssh_string(session->out_buffer, pwd) < 0) {
string_burn(pwd);
string_free(pwd);
+ leave_function();
return SSH_AUTH_ERROR;
}
@@ -178,10 +192,12 @@ int ssh_userauth1_password(ssh_session session, const char *username,
string_free(pwd);
session->auth_state=SSH_AUTH_STATE_NONE;
if (packet_send(session) != SSH_OK) {
+ leave_function();
return SSH_AUTH_ERROR;
}
-
- return wait_auth1_status(session);
+ rc = wait_auth1_status(session);
+ leave_function();
+ return rc;
}
#endif /* WITH_SSH1 */